The Trojan In Free Jailbreak Tweak Can Steal Revenues Through Google’s AdMob

With every iOS update, hackers begin their quest for a jailbreak which they eventually achieve. The major reason why some users choose to jailbreak is customization beyond iOS boundaries that the stock version fails to provide. From changing visual appearance of the user interface to enhancing functionality, Cydia has been a good source for providing tweaks and packages.

However, the device is said to contain a trojan that even exists after you remove the tweak. The trojan sticks to your Google’s AdMob and steals revenues which are generated from the host device. It also collects UDIDs and sends them to a remove server destination. When a user installs the Lock Saver, the tweak copy’s trojan files to the following destination: /Library/MobileSubstrate/DynamicLibraries/ .

Advertisements

Developer Alan Kerr states that the tweak makes the directory (/Library/MobileSubstrate/DynamicLibraries/) writable as Service.dylib is installed at runtime. This changes the permission to 777 which initially should be 755, so in case you are infected you would have to change it back. You can change the permission using iFile if you want to halt any untrusted and unauthorized files from being installed automatically.

If you have Lock Saver installed, remove it immediately. After you do so, the free tweak leaves behind two malicious files namely, ‘Service.plist’ and ‘Service.dylib’. You will have to iFile to remove these files from the following location: /Library/MobileSubstrate/DynamicLibraries/ . Good for us the free tweak has been removed from ModMyi’s repo and we would recommend users not to install it. This is it for now, folks. Let us know in the comments section below if your jailbroken device has been infected with the Lock Saver trojan.

All of these texts are owned by its respective writers and are published here under a Creative Commons License. Visit the author’s website (see link below the title of this post) to determine the actual terms of the license.